(Note: these changes have been incorportated by the author into the 0.40 release. -DT 2004-01-18) I spent a little time getting Dropbear (0.40pre1, but the patch will also apply to 0.39) working on HP-UX 11.00 (using prngd). The changes are, in no particular order: * HP-UX doesn't have a sete[ug]id. I simulated it with setres[ug]id. * HP-UX doesn't define _PATH_DEVNULL * getspnam() is in libsec. Because this required a change to configure.in, you will need to run "autoconf" before running configure (or manually add "-lsec" to LDFLAGS). * options.h defines DROPBEAR_PRNGD_SOCKET, but the code in random.c has DROPBEAR_EGD_SOCKET. * prngd (at least, the one I have) requires a command to be sent to it before you can read entropy. Attempting to just read from the socket will block indefinitely. * HP-UX doesn't define VREPRINT or VDISCARD, so don't use them. * TCP forwarding does not compile because HP-UX 11.00 does not have getaddrinfo and friends, so I just disabled it. 11.11 and up have it and should work OK. If necessary, OpenSSH's fake-rfc2553 code could be ported. With these changes, it worked fine with both password and pubkey auth (although I needed to create /etc/shells). I did not test agent functionality. - Darren Tucker (2004-01-04) diff -ru dropbear-0.40pre1.orig/agentfwd.h dropbear-0.40pre1/agentfwd.h --- dropbear-0.40pre1.orig/agentfwd.h 2004-01-04 17:44:10.000000000 +1100 +++ dropbear-0.40pre1/agentfwd.h 2004-01-04 17:50:14.000000000 +1100 @@ -35,5 +35,10 @@ void agentsetauth(struct ChanSess *chansess); void agentset(struct ChanSess *chansess); +#ifdef __hpux +#define seteuid(a) setresuid(-1, (a), -1) +#define setegid(a) setresgid(-1, (a), -1) +#endif + #endif /* DROPBEAR_AGENTFWD */ #endif /* _AGENTFWD_H_ */ diff -ru dropbear-0.40pre1.orig/compat.h dropbear-0.40pre1/compat.h --- dropbear-0.40pre1.orig/compat.h 2004-01-04 17:44:10.000000000 +1100 +++ dropbear-0.40pre1/compat.h 2004-01-04 17:50:14.000000000 +1100 
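Review bot: The `seteuid`/`setegid` fallbacks sit inside the `DROPBEAR_AGENTFWD` guard of agentfwd.h (the closing `#endif /* DROPBEAR_AGENTFWD */` follows them), so a build with agent forwarding disabled, or a file that does not include this header, would not see them. They belong in compat.h with the other portability shims, keyed on a configure-time function probe (an `AC_CHECK_FUNCS` result) rather than on `__hpux`. Because the macros stand in for privilege-changing calls, a comment would help, e.g. `/* HP-UX has no sete[ug]id; emulated with setres[ug]id, callers must still check the return value */`. The call sites are outside this diff, so whether they check the result cannot be confirmed here.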
@@ -25,4 +25,8 @@ void endusershell(); #endif +#ifndef _PATH_DEVNULL +#define _PATH_DEVNULL "/dev/null" +#endif + #endif /* _COMPAT_H_ */ diff -ru dropbear-0.40pre1.orig/configure.in dropbear-0.40pre1/configure.in --- dropbear-0.40pre1.orig/configure.in 2004-01-04 17:44:10.000000000 +1100 +++ dropbear-0.40pre1/configure.in 2004-01-04 18:24:12.000000000 +1100 @@ -50,6 +50,9 @@ AC_DEFINE(AIX,,Using AIX) ;; +*-*-hpux*) + LIBS="$LIBS -lsec" + ;; esac AC_CHECK_TOOL(AR, ar, :) diff -ru dropbear-0.40pre1.orig/options.h dropbear-0.40pre1/options.h --- dropbear-0.40pre1.orig/options.h 2004-01-04 17:44:11.000000000 +1100 +++ dropbear-0.40pre1/options.h 2004-01-04 17:50:14.000000000 +1100 @@ -53,7 +53,7 @@ /* Enable TCP Fowarding */ /* NOTE: TCP forwarding is still work-in-progress, -L forwarding should work, * -R forwarding isn't implemented yet */ -#define ENABLE_TCPFWD +/* #define ENABLE_TCPFWD */ /* Enable Authentication Agent Forwarding */ #define ENABLE_AGENTFWD @@ -118,12 +118,12 @@ * produce a large amount of random data, so using /dev/random or Entropy * Gathering Daemon (egd) may result in halting, as it waits for more random * data */ -#define DROPBEAR_DEV_URANDOM /* use /dev/urandom */ +/* #define DROPBEAR_DEV_URANDOM */ /* use /dev/urandom */ -/*#undef DROPBEAR_PRNGD */ /* use prngd socket - you must manually set up prngd +#define DROPBEAR_EGD /* use prngd socket - you must manually set up prngd to produce output */ -#ifndef DROPBEAR_PRNGD_SOCKET -#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng" +#ifndef DROPBEAR_EGD_SOCKET +#define DROPBEAR_EGD_SOCKET "/var/run/egd-pool" #endif /* Specify the number of clients we will allow to be connected but diff -ru dropbear-0.40pre1.orig/random.c dropbear-0.40pre1/random.c --- dropbear-0.40pre1.orig/random.c 2004-01-04 17:44:12.000000000 +1100 +++ dropbear-0.40pre1/random.c 2004-01-04 18:12:11.000000000 +1100 
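Review bot: The new `*-*-hpux*)` case adds `-lsec` by host pattern, so the library is linked on every HP-UX build whether or not `getspnam()` actually needs it there. A symbol probe is more robust and also covers other platforms that keep the function in a separate library, e.g. `AC_SEARCH_LIBS(getspnam, sec)`. The enclosing `case` statement begins outside the hunk.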
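Review bot: Both options.h hunks change project-wide defaults unconditionally, although the description gives only HP-UX 11.00 reasons for them. The first comments out `ENABLE_TCPFWD`; the second, at `DROPBEAR_DEV_URANDOM`, replaces /dev/urandom with an EGD socket as the entropy source on every platform. The entropy change is the security-relevant one, because key material then depends on whichever process is listening on `/var/run/egd-pool`. It should be opt-in, e.g. wrap the new defines in `#ifdef __hpux` (or a configure check) and keep `#define DROPBEAR_DEV_URANDOM` otherwise. The retained comment still says "use prngd socket" and could state the requirement on the socket, e.g. `/* socket path must not be creatable or replaceable by unprivileged users */`.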
@@ -55,6 +55,7 @@ int readlen; #ifdef DROPBEAR_EGD struct sockaddr_un egdsock; + char egdcmd[2]; #endif #ifdef DROPBEAR_DEV_URANDOM @@ -78,6 +79,13 @@ sizeof(struct sockaddr_un)) < 0) { dropbear_exit("couldn't open random device"); } + + if (buflen > 255) + dropbear_exit("can't request more than 255 bytes from egd"); + egdcmd[0] = 0x02; /* blocking read */ + egdcmd[1] = (unsigned char)buflen; + if (write(readfd, egdcmd, 2) < 0) + dropbear_exit("can't send command to egd"); #endif /* read the actual random data */ diff -ru dropbear-0.40pre1.orig/termcodes.c dropbear-0.40pre1/termcodes.c --- dropbear-0.40pre1.orig/termcodes.c 2004-01-04 17:44:12.000000000 +1100 +++ dropbear-0.40pre1/termcodes.c 2004-01-04 17:50:14.000000000 +1100 @@ -43,7 +43,11 @@ #else {0, 0}, #endif +#ifdef VREPRINT {VREPRINT, TERMCODE_CONTROLCHAR}, +#else + {0, 0}, +#endif #ifdef AIX {CERASE, TERMCODE_CONTROLCHAR}, #else @@ -67,8 +71,10 @@ #endif #ifdef AIX {CKILL, TERMCODE_CONTROLCHAR}, -#else +#elif defined(VDISCARD) {VDISCARD, TERMCODE_CONTROLCHAR}, +#else + {0, 0}, #endif {0, 0}, /* 19 */ {0, 0},
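Review bot: The check `write(readfd, egdcmd, 2) < 0` in the second random.c hunk catches only a failed write; a short write of one byte passes, the daemon never gets the length byte, and the read that follows would presumably block. Compare against the full length instead: `if (write(readfd, egdcmd, sizeof(egdcmd)) != (ssize_t)sizeof(egdcmd))`. In the first hunk `egdcmd` is declared `char` but is assigned `(unsigned char)buflen`, which is an implementation-defined conversion for values above 127 where `char` is signed; `unsigned char egdcmd[2];` avoids that. The enclosing function starts and ends outside both hunks, so whether the later read loop handles short reads from the socket cannot be seen here.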
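Review bot: The `{0, 0}` placeholders added for a missing `VREPRINT` (first termcodes.c hunk) and a missing `VDISCARD` (second hunk) appear to exist only to keep the following entries at their table position, but nothing in the code says so. A short comment on each would stop a later cleanup from deleting them, e.g. `{0, 0}, /* VREPRINT not defined here; placeholder keeps the index */`. The second hunk also mixes `#ifdef AIX` with `#elif defined(VDISCARD)`; using `#if defined(AIX)` would keep that chain in one form. The table declaration is outside both hunks, so the indexing assumption should be confirmed against it.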